Code Review Request, JDK-8213782: NullPointerException in sun.security.ssl.OutputRecord.changeWriteCiphers

Anthony Scarpino anthony.scarpino at oracle.com
Fri Dec 14 20:26:59 UTC 2018


Other than my nit about the “make the compiler happy”, this all looks fine.

For KeyUpdate, shouldn’t it never be null given the suite and protocol are already known good?  I have not problem with the check to be cautious even if it should never happen. 

Tony 

> On Dec 14, 2018, at 9:00 AM, Xue-Lei Fan <xuelei.fan at oracle.com> wrote:
> 
> Hi,
> 
> Could I have the fix reviewed?
>   http://cr.openjdk.java.net/~xuelei/8213782/webrev.00/
> 
> The SSLCipher.createReadCipher() and createWriteCipher() could return null if the cipher is not supported or the cipher is not available for a certain protocol version.  The caller should check the null value, and send back a "illegal_parameter" alert for such cases.
> 
> I did not add new regression test. The update is straightforward, while constructing an illegal handshake message for such cases is complicated.
> 
> Thanks,
> Xuelei



More information about the security-dev mailing list